PHP anti-sql injection filtering code

We provide three functions to filter out some special characters. They mainly use PHP to filter out SQL sensitive strings. Now let’s take a look at this code. Friends in need can take a look and give an example. The code is as follows:

function phpsql_show($str){

$str = stripslashes($str);

$str = str_replace("\", "", $str);

$str = str_replace ("/", "/", $str);

$str = str_replace(" ", " ", $str);

$str = str_replace("," , ",", $str);

return $str;

}

function phpsql_post($str){

$str = stripslashes($str);

$str = str_replace("|", " |", $str);

$str = str_replace("<", "<", $str);

$str = str_replace(">", "> ", $str);

$str = str_replace(" ", " ", $str);

$str = str_replace(" ", " ", $str);

$str = str_replace("(", "(", $str);

$str = str_replace(")", ")", $str);

$str = str_replace ("`", "`", $str);

//$str = str_replace("'", "'", $str);

$str = str_replace('"' , """, $str);

$str = str_replace(",", ",", $str);

$str = str_replace("$", "$ ", $str);

$str = str_replace("", "\", $str);

$str = str_replace("/", "/", $str);

return $str;

}//Open source code phpfensi.com

function phpsql_replace($str){

$str = stripslashes($str);

$str = str_replace("'", "' ;", $str);

return $str;

}